GPG Encryption/Decryption Failing

Sirisha Gopigiri sirisha.gopigiri at ericsson.com
Wed Nov 18 12:51:51 CET 2020


Hi

Thank you for the reply and we have looked into the documentation.

But after debugging a little we found that we are running into this issue only if we use gpg 2.2.4 version. We tested the same code with gpg 1.4.20 version and it seems to work fine. I mean we ran the test cases for the code like 20 times and we haven't got this error at least once. So we were thinking if we are missing out some configuration with gpg 2.2.4. Could you please help us?

Thank you in advance!

Best Regards
Sirisha Gopigiri
________________________________
From: A NiceBoy <wangtianjiao.wang959 at gmail.com>
Sent: 17 November 2020 07:05
To: Sirisha Gopigiri <sirisha.gopigiri at ericsson.com>
Cc: gnupg-users at gnupg.org <gnupg-users at gnupg.org>; E Guhan <e.guhan at ericsson.com>; Michelle Eslinger A <michelle.a.eslinger at ericsson.com>; Deepak Kataria <deepak.kataria at ericsson.com>
Subject: Re: GPG Encryption/Decryption Failing

Hello Sirisha,

I read from Mozilla's official documentation which states that SOPS
command-line client is preferred, the SOPS library should be used only
for decryption.

The link is here: https://godoc.org/go.mozilla.org/sops/v3

>This package should not be used directly. Instead, Sops users should install the command line client >via `go get -u go.mozilla.org/sops/v3/cmd/sops`, or use the decryption helper provided at >`go.mozilla.org/sops/v3/decrypt`.

>We do not guarantee API stability for any package other than `go.mozilla.org/sops/v3/decrypt`.

My two cents.

Best regards

On Fri, 13 Nov 2020 at 17:08, Sirisha Gopigiri via Gnupg-users
<gnupg-users at gnupg.org> wrote:
>
> Hi,
>
> We are trying to use SOPS+GPG to encrypt/decrypt yaml files and we have written some go wrapper using sops library to perform the required encryption/decryption. However when trying to execute this code the gpg library seems to be failing at keygeneration most of the time with the following error.
>
> failed to encrypt new data key with master key "681E3A89EB1DAFD36EB883120A73BB48E26694D8": could not encrypt data key with PGP key: golang.org/x/crypto/openpgp error: key with fingerprint 681E3A89EB1DAFD36EB883120A73BB48E26694D8 is not available in keyring and could not be retrieved from keyserver; GPG binary error: gpg binary failed with error: exit status 2, gpg: 681E3A89EB1DAFD36EB883120A73BB48E26694D8: skipped: No public key
>
> Seems like it is unable to fetch the public key, we are executing the code locally, so we are using the local public and private keys only.
>
> Though we can list the public key locally, we keep getting the above error quite frequently. However, the encryption/decryption is happening successfully the other times.
>
> Kindly let us know if we are missing anything.
>
> We are facing this error only with gpg 2.1.x version, gpg 1.4.x version seems to be working fine.
>
>
> Thank you in advance!
>
> Best Regards
> Sirisha Gopigiri
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> https://protect2.fireeye.com/v1/url?k=146cabc1-4bf79282-146ceb5a-861fcb972bfc-84bc22f40f25e6db&q=1&e=7a9f0586-9961-40e8-9e54-93a010f749b1&u=http%3A%2F%2Flists.gnupg.org%2Fmailman%2Flistinfo%2Fgnupg-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20201118/7286d62c/attachment.html>


More information about the Gnupg-users mailing list